| 来源类型 | Working Paper
|
| 规范类型 | 论文
|
| Enhancing network security: A cyber strategy for the next administration |
| Ariel Rabkin; Jeremy A. Rabkin
|
| 发表日期 | 2016-05-18
|
| 出处 | American Enterprise Institute
|
| 出版年 | 2016
|
| 语种 | 英语
|
| 摘要 | Introduction
Communications in cyberspace pose distinctive security challenges. Starting in 2009, the United States Military incorporated a Cyber Command on the premise that cyberspace domination could be as important in a time of conflict as traditional domains of air, sea, and land warfare.[1] This agency’s charter covers only “specified Department of Defense information networks,” leaving the civilian Internet for others.[2]
This paper is concerned with how the United States should protect civilian Internet use. We leave questions of national security—in the military sense—for the Defense Department and those who contribute to its (largely classified) planning and implementation.
But a glance at strategic concerns illustrates the importance and difficulty of the challenge, even with civilian communications. The “domain” of sea power offers instructive analogies with cybersecurity.
Even on the high seas, the burden of protecting ocean commerce has not always rested with the Navy alone. Until piracy was suppressed in the mid-19th century, it was common for merchant ships to arm themselves to fight off pirate attacks. In recent years, many commercial ships have arranged for private security firms with armed operatives to help protect them from pirate attacks in particularly dangerous regions.[3] During the world wars, the US Merchant Marine, following the lead of British ships, mounted naval guns—and later deployed depth charges—to fight off U-boat attacks.
As with the seas, so with cyber: to the extent that we can, we should assure that electronic communications transit freely in the cyber domain. We should insist on the security of our own communications.
Our focus in this paper is on ways to safeguard American-based networks. But because so much of the world’s Internet traffic transits through American networks, what we do here can contribute to global Internet security. It can also be an example to foreign partners—and a deterrent to foreign adversaries. We think private security firms, as well as the US government, can contribute to safeguarding American cyber networks.
A major component of our proposed strategy is to raise the cost of attacks by identifying attackers and sometimes hitting back at them. To achieve this, private firms should be given the latitude to experiment with active countermeasures. As we explain, there are good policy reasons to encourage such experimentation. The policy and legal objections to hack-back activities are less weighty than critics assume.
We also outline two additional elements of a security strategy. First, we offer a set of legal changes that will increase the incentives for private firms to build secure and resilient products. This will make American cyberspace more robust against attacks by criminals and foreign powers. Second, we propose a new federal cybersecurity agency to oversee and coordinate government security activities and defenses of privately operated critical infrastructure.
Read the full report.
Notes |
| 主题 | Technology and Innovation
|
| 标签 | Cyber attack
; Cybersecurity
; Global Internet Strategy (GIS) project
; internet
; technology
|
| URL | https://www.aei.org/research-products/working-paper/enhancing-network-security-a-cyber-strategy-for-the-next-administration/
|
| 来源智库 | American Enterprise Institute (United States)
|
| 资源类型 | 智库出版物
|
| 条目标识符 | http://119.78.100.153/handle/2XGU8XDN/207343
|
推荐引用方式
GB/T 7714 |
Ariel Rabkin,Jeremy A. Rabkin. Enhancing network security: A cyber strategy for the next administration. 2016.
|
|
文件名:
|
Enhancing-network-security.pdf
|
|
格式:
|
Adobe PDF
|
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
